1. Field of the Invention
Apparatuses and methods consistent with the present invention relate to inserting authentication code, and using data through authentication.
2. Description of the Related Art
There is a growing need for transmitting and receiving uncompressed audio/video (AV) data via a wireless transceiver system with a transmission rate of several Gbps, using a frequency band of several tens of GHz.
In this case, encryption must be performed to protect content. In such an environment, a stream encrypting algorithm is more desirable than a block encrypting algorithm, since it guarantees high-speed transmission.
According to the stream encrypting algorithm, a cryptogram is obtained by generating a key stream which is a random number bitstream and performing an exclusive OR (XOR) operation on plain text data in units of bits.
For example, a transmitting side makes a cryptogram C(=P XOR K) by performing an XOR operation on plain text P and a key stream K, and transmits the cryptogram C to a receiving side. Then, the receiving side derives the plain text P(=C XOR K) by performing the XOR operation on the cryptogram C and the key stream K.
However, the above feature of the stream encrypting algorithm enables an attacker to easily forge the original plain text P during transmission of the cryptogram C. That is, if the attacker simply performs the XOR operation on P′ during the transmission of the cryptogram C, the receiving side receives C′=C XOR P′ instead of the cryptogram C and obtains P XOR P′ instead of the original plain text P, as shown in the following equation:C′XOR K=CXOR P′XOR K=P XOR K XOR P′XOR K=P XORP′
Thus, in order to prevent such easy forgery, an authentication value may be inserted into data that is to be transmitted. That is, it is possible to determine whether the data is not forged during transmission of the data by checking the authentication value. To this end, various methods may be used. For example, a Hash value using a secret key, such as Message Authentication Code (MAC), may be inserted into the data. That is, even if an attacker forges the original data, the attacker cannot make an authentication value for the forged data when the attacker does not know a secret key K, thereby protecting the original data. In the block encrypting algorithm, an authentication value can also be inserted into data in order to prevent the data from being forged.
However, in some cases, use of an authentication value may be undesirable. For example, if a message that is to be transmitted is uncompressed high-definition data, the data must be transmitted at a very high speed, e.g., at a speed of several Gbps. Thus, when a transmitting/receiving error occurs that cannot be completely corrected, it would be better to use the data. However, when a data authentication value is used, even if a one-bit error occurs, the whole data may be discarded.
In contrast, in the case of compressed data, important information, such as copy control information, may be included in the data, and the copy control information may be in a ‘copy never’ state. In this case, if a data authentication value is not used, it is possible to easily forge the bits of the copy control information.
As described above, in the related art, insertion or non-insertion of an authentication value into the whole data is done irrespective of the type of the data, thereby preventing the data from being efficiently authenticated.